FI116815B - Security transmission of electronic documents - Google Patents

Description

1 1 Electronic document transmission

The application relates to the transmission of information over data networks, in particular to the security of information.

5

Internet-based communication is usually unprotected and third-party Teva is easily accessible viestiliikei This solution has been developed in a variety of encryption techniques to esirr e-mail content can be encrypted so that it must not be bystanders to op 10 self-encrypted message into the wrong hands had to watch the game.

Traditionally, the problem with encrypted messages is that the encryption Tote and the creation and reading of encrypted messages require the recipient to either use special software for encryption or to have 15 characters in the case of a word processor, using a specific version and encryption feature. This makes it difficult to know if a random recipient is ready to open a message. Also, the recipient of the message cannot install the database encryption software they use if the recipient reads the guest 's in the internet cafe.

• «• ·» • · ·

The object of the invention is to provide the possibility of secure communication • · · · · separate software or the recipient and sender software environment. For the operation of the system and method of the invention, the SSL encryption fc is available to the sender and the receiver. . web browser that uses standard encryption. In addition, you need 1 «* * this password securely, for example by phone, letter, fax t • * • * · i. * 111 * ..... 1, .1. a. · I ...

2, and other claims are embodiments of the invention. Solutions other than those described, but which help to understand the invention according to the invention, are also described below.

5

The following describes the operation of the ice pack using the illustration.

Fig. 1 is a block diagram of a system according to the invention. In the figure, a message or document is transmitted by A and its recipient is forwarded by server S. The arrows and corresponding numbers represent a message or communication events; shipments. SSL-tagged data transfers are encrypted and use (known asymmetric SSL protocol for encrypting the message. SS 15 Sockets Layer) is a supported by almost all Internet browsers and well used for example banking security; guarantee. Originally developed by Netcsape, SSL is another suitable encryption protocol for the same purpose.

F * · * 20 The sender first contacts the security server S, to which he or she * * V · s against the recipient. Preferably, the recipient is sent an email notification of the stored message. Message 2 may include a power link. The sender will then only notify the password ·· · or the recipient may have already provided the one-time password to the sender for the data transfer. The password is un. . reversible, although it can be set several times in succession * * *.

• «• ♦ 3 11 ructure, public key systems) to or from a trusted system and use of the system at least once for Ottar. SSL protocol in this case, during the transmission, encryption is used, otherwise disposable is used. 5 In addition, if someone has heard the password, the correct recipient nevertheless reads the message and leaks the information itself to improve security. This means that the ice system only reads once or once, or how many times the message has already been read. The system can also: Change the keystrokes of long passwords 10 for other purposes without any problems. Thus, it is possible to change even the public encryption method so that the key itself is transmitted according to the invention m <and the correct sender is confirmed, for example, by the password sent by SMS. Thus, it is known that the master of the mobile telephone subscription is also the one who sent the keys 15

Messages on the server itself can be kept encrypted by the messages they received, in which case they can never be accessed without decrypting without guessing the password. This will increase confidence and in the event of a burglary, the information of your parents will never be leaked, even if * · 20 is leaked. In addition, server maintenance does not even have the ability to * * read mail without passwords, this also applies to requests from e: · * »ί * '·: authorities. The encryption can be done in the usual way with 9 encryption, for example 3DES algorithm, so that the password · * is first a random long encryption key, which then encrypts the docu itself * * * '* ·' 25 The public key or asymmetric encryption can also be used:. the random long symmetry used to encrypt the document itself · · · its key is encrypted for storage with a number of asymmetric public • · * · * l-ι ---_____ ui „:« u: ____________ 4 1 na, for example, maintenance and police each have a key, lemme needed to read messages after a court decision

The encryption can also be done only with the knowledge of the administrator or the password of the sender 5, or be completely unencrypted and rely solely on good security. This is especially true when larger information is expected than information leakage. This makes sense in the context of your organization's own communications, which may justify being able to read messages from your own server and security against 10 outside worlds. The information may also be encrypted because, in fact, the traffic between a number of computers interconnected via the Internet must in any case be encrypted. Thus, one can store a number of servers and another set of servers serves clients, the data is stored encrypted on file servers, no monitoring of clients' messages can be made by monitoring server transfers, unless other encryption is used to secure data transmission.

Once the recipient has received the message on the server and received the password from the sender, they can contact from anywhere

: "·· 20 from any computer with an encrypted WWW

• ·: Λ: He then opens the connection by either manually entering the link to the notification email. The server will ask the recipient's electrical • *} for another identifier and password, which is preferably a one-time use.

25 Using the system and method is as easy as using mink. Using WWW Email. The recipient is provided with a user ID or / and disposable message security in the mi system of the invention.

5 1 dostos and if you want to delete the message from the server immediately. The content of the link that the server uses to identify the recipient of the message. Responding to the need to set anything, it is enough for the sender to notify the recipient o for sending the notification and to enter the password in the system.

If the recipient does not want or can provide an e-mail address, keep the identifying identifier contained in the link to the recipient as an example or as a text message so that the recipient does not have to provide his or her nearly 10 e-mail addresses to receive the message. Of course, it is possible to authenticate with a password, but then losing some of your data in the system becomes more complicated because user authentication «requires comparing passwords before they are accepted. For example, use a service key provided with an email or a link provided by r 15 t to authenticate the user and the word encrypted and only compare the encrypted results with the message

In addition, keeping the password and user separate allows multiple readings at the same time, since the user can be identified separately. In this case, however, the same password must be used: 1 '· 20 for messages or the system must be allowed to read messages with eg1 Y ·: the most common password of the same sender. If multiple Y .; so you need to be able to rely on sender information for the upload and that • ·: the password has not been leaked or no one has entered an incorrect ID \ l to enter a new password and read the messages. That is, the sender should recognize; • · '··· 1 25 with a permanent password before sending. So practically Samai. . Using nan for simultaneously readable messages is the safest exchange ♦ # · • «« • »· 1« · «« A1 A «.i.!. ·. · ...... i. . . -. . . For example, sending a password list to a customer to send and receive messages along with a quotation letter can easily provide a secure means of messaging for follow-up messages, while being sure that the recipient has actually sent the messages. If 5 is completely under your control in this example, you might think that the e-mail lists are stored on the server and the client contacts are only logged into the system. The server itself checks the password as messages are read.

The invention is characterized by what is disclosed in the independent claims, and advantageous applications are disclosed in the dependent claims. The invention also relates to a functional software product as described above, for example for installation on a server.

15 • · * ·· f «» · · • »f • · mm1 * mm · * 1 · • i * 1 1 * · · ·« · ♦ 9 «» ♦ ♦ · ♦ · • t • · m • 9 • # • · · • 1 9 9 9 • 9 1 I ·· i · m • 9 • «

Claims (10)

A method for risk-free transmission of information, in which the method <ver (S) conveys information utilizing a connection for an https corresponding to public key encryption for the actual transmission vi (S) and from the sender (A) or to the receiver (B), characterized in that the information is conveyed by performing the following steps: - the sender checks in on the server with a browser by ai using an asymmetric encryption technology protected connection during the transmission - the sender transmits information to the server by using the protected connection, the same protected connection is used to a signal-specific code between the sender and the server - the server uses said code for storing the information cryptically 15. The server forms and sends a message in clear text, the preference identification identifying link or an identification data containing information about the information to the recipient of the information - the sender of the information allows the code to be sent to the recipient without risk, the recipient has notified their desired code in advance to the sender: * ·· 20 - the recipient follows the message link e \ k * ·: Λ sent by the server with the web browser message with an asymmetric encryption: ... ! pace with the server via a protected connection, which identifies the information · · · · · The base of the link or recipient transmits identification data • * · - the receiver delivers to the server a code specific to the above information «* '··· * 25 with its Internet address. browser utilizing a connection protected rr,. public key encryption In the I # server, it encrypts the encrypted information and relays the • · 11 «. J r **. «I J, 1,,, | .t || u is read via email and it contains a link, with the help of which recipients seek information from the server by providing an information mirror server. Method according to claim 1 for risk-free transmission of information, characterized in that the server sends a message in plain text a channel other than e-mail, e.g. voice mail or text information. 4. A method as claimed in claim 1, characterized in, received tea to be able to read the information, follow the link to a protected capable browser and output said code, after which the server shows it by means of the protected connection in clear text without having to change nro or sender something else encryption program out of the browser automatically formed the protected connection. 15 Method according to claim 1, characterized in that the information transmitted in clear text contains a statement that it is transmitted by the sender. 6. A method according to claim 1, characterized in that a further information is conveyed between the parties on prior notice: * ··: the message is sent. 7. A method according to claim 1, characterized in that an identifying code is provided to the sender for prior knowledge. message to the recipient along with the arrival message, varvic * · re relays the server's message all the way forward. • · 9. Server system for risk-free transmission of information, wherein the server (allows information utilization by https or equivalent public method protected connection for transmission of the information itself in the server (S) and the sender (A) or the receiver (B), characteristic of the server transmits information by performing the following steps: - receives information with the web browser after unsymmetrically having received the transmitter in the system - receives information with the web browser after having protected contact with asymmetric 10 - receives or forms a code and transmits it to its sender - encrypts the received information with said code and law encrypted information - forms and transmits in clear text, preferably an information identical link or identification data containing message to be forwarded to the information recipient link or the received identification data received information or information: * ·· 20 - receives the information from the recipient of the code using a <connection, and - unpacks the encrypting information and communicates the utilized * * protected clear connection information to the recipient. «· * I 4 4 4 4 ·» 25 • · 4 4 «4 4 4 • 4 · 4 444 Λ m